我正在尝试使用sinatra通过https://launchpad.net提取请求令牌,以及自定义的omniauth策略
require 'omniauth-oauth'
require 'oauth/signature/plaintext'
require 'multi_json'
require 'pp'
module OmniAuth
module Strategies
class Launchpad < OmniAuth::Strategies::OAuth
option :name, "launchpad"
option :client_options, {
:authorize_url => 'https://launchpad.net/+authorize-token',
:request_token_url => 'https://launchpad.net/+request-token',
:site => 'https://api.launchpad.net',
:consumer_key => 'rubystfu',
:signature_method => 'PLAINTEXT',
:signature => '%26'
}
def request_phase
super
end
uid {
raw_info[:name]
}
info do
{
:description => raw_info['description'],
:name => raw_info['name'],
:display_name => raw_info['display_name'],
:karma => raw_info['karma'],
:self_link => raw_info['self_link'],
:email => raw_info['email']
}
end
extra do
{
:raw_info => raw_info
}
end
def raw_info
raw_info
end
end
end
end
我已经以这种方式设置了我的sinatra应用程序
#!/usr/bin/env ruby
require 'rubygems'
require 'bundler'
Bundler.setup :default, :development, :chonk
require 'sinatra'
require 'haml'
require 'omniauth-launchpad'
use Rack::Session::Cookie
use OmniAuth::Builder do
provider :launchpad
end
set :sessions, true
set :logging, true
class ChonkApp < Sinatra::Application
helpers do
def check_auth
redirect "/" if not session[:user]
end
end
get '/' do
redirect "/app" if session[:user]
haml :index
end
get '/app' do
check_auth
"#{session[:user]} | <a href='/logout'>logout</a>"
end
get '/logout' do
session.clear
redirect '/'
end
%w(get post).each do |method|
send(method, "/auth/:name/callback") do
auth = request.env['omniauth.auth']
a = auth.info
session[:user] = "%s %s (%s)" % [a.email, a.name, a.nickname]
redirect "/app"
end
end
get '/auth/failure' do
"I dunno wtfook happened."
end
end
文档说它需要3个发布的参数才能使用:
要获取请求令牌,请发送POST请求 https://launchpad.net/+request-token。 (注意:不是api.launchpad.net!) 这与Web浏览器提交时的POST相同 形成。您应该以form-URL-encoded提交以下值 格式。
oauth_consumer_key:您的消费者密钥oauth_signature_method:The string“PLAINTEXT”oauth_signature:字符串“&amp;”。
因此HTTP请求可能如下所示:
POST /+request-token HTTP/1.1 Host: launchpad.net Content-type: application/x-www-form-urlencoded oauth_consumer_key=just+testing&oauth_signature_method=PLAINTEXT&oauth_signature=%26 The response should look something like this: 200 OK oauth_token=9kDgVhXlcVn52HGgCWxq&oauth_token_secret=jMth55Zn3pbkPGNht450XHNcHVGTJm9Cqf5ww5HlfxfhEEPKFflMqCXHNVWnj2sWgdPjqDJNRDFlt92f
我唯一能看到的可能是不正确的是signature_method和/或签名。我对红宝石很新,所以任何建议都表示赞赏。回来的错误是'401未授权',我还没有弄清楚如何打印一些调试输出,以确定在请求期间传递给https://launchpad.net的确切内容。
签名请求文档的链接如下: https://help.launchpad.net/API/SigningRequests
感谢
P.S。 omniauth-launchpad的来源是https://github.com/battlemidget/omniauth-launchpad,对于实际应用https://github.com/battlemidget/chonk